Security News

Cybersecurity news aggregator

🔄
HIGH Updates Red Hat Errata

RHSA-2026:25219: Important: redis:7 security update

redisredhatcve-2026-23479cve-2026-23631cve-2026-25243
This security update addresses three critical use-after-free vulnerabilities (CVE-2026-23479, CVE-2026-23631, CVE-2026-25243, all CVSS 8.8 HIGH or 8.1 HIGH) in Redis that can lead to remote code execution via client unblocking, Lua scripting, or the RESTORE command. The vulnerabilities affect Redis versions from 7.2.0 through 8.6.2, as well as all versions prior to 8.6.3. The fix requires upgrading Redis to version 8.6.3.
Read Full Article →

Red Hat Product Errata RHSA-2026:25219 - Security Advisory Issued: 2026-06-11 Updated: 2026-06-11 RHSA-2026:25219 - Security Advisory Overview Updated Packages Synopsis Important: redis:7 security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for the redis:7 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log. Security Fix(es): redis: use-after-free in unblock client flow may allow remote code execution (CVE-2026-23479) redis: Remote code execution via use-after-free in Lua scripting (CVE-2026-23631) redis: RESTORE invalid memory access may allow remote code execution (CVE-2026-25243) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 9 x86_64 Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.8 x86_64 Red Hat Enterprise Linux for IBM z Systems 9 s390x Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.8 s390x Red Hat Enterprise Linux for Power, little endian 9 ppc64le Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.8 ppc64le Red Hat Enterprise Linux for ARM 64 9 aarch64 Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.8 aarch64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.8 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.8 x86_64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.8 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.8 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.8 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.8 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.8 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.8 s390x Fixes BZ - 2466780 - CVE-2026-23479 redis: use-after-free in unblock client flow may allow remote code execution BZ - 2466788 - CVE-2026-23631 redis: Remote code execution via use-after-free in Lua scripting BZ - 2466828 - CVE-2026-25243 redis: RESTORE invalid memory access may allow remote code execution CVEs CVE-2026-23479 CVE-2026-23631 CVE-2026-25243 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 9 SRPM redis-7.2.14-1.module+el9.8.0+24327+41ceb644.src.rpm SHA-256: ba9301b9a5cd54e314e2400f8b9a083642d8e28ba68f140ee8198c9077f8146d x86_64 redis-7.2.14-1.module+el9.8.0+24327+41ceb644.x86_64.rpm SHA-256: 763332480516666599918fd30c1fb7a1496306eeea23a4c51fa2b3eab90ec114 redis-debuginfo-7.2.14-1.module+el9.8.0+24327+41ceb644.x86_64.rpm SHA-256: 499e6d9e918ec0257c8a77d5cae5e99c8b98b267ef5e72ed0efe5e46900355e1 redis-debugsource-7.2.14-1.module+el9.8.0+24327+41ceb644.x86_64.rpm SHA-256: ba241507a53fc7225d68cfe3805edf3b1d509bcb8b761e8739d0a2dfd53fb42e redis-devel-7.2.14-1.module+el9.8.0+24327+41ceb644.x86_64.rpm SHA-256: 2e5a3f3aa19637f6815209763a00c976a062b9217474df350c5a8077fc4a6129 redis-doc-7.2.14-1.module+el9.8.0+24327+41ceb644.noarch.rpm SHA-256: 18be2789802e93c706b4e211dc9b959ce5bb381f3ed90da180c804cee1b053d9 redis-doc-7.2.14-1.module+el9.8.0+24327+41ceb644.noarch.rpm SHA-256: 18be2789802e93c706b4e211dc9b959ce5bb381f3ed90da180c804cee1b053d9 redis-doc-7.2.14-1.module+el9.8.0+24327+41ceb644.noarch.rpm SHA-256: 18be2789802e93c706b4e211dc9b959ce5bb381f3ed90da180c804cee1b053d9 redis-doc-7.2.14-1.module+el9.8.0+24327+41ceb644.noarch.rpm SHA-256: 18be2789802e93c706b4e211dc9b959ce5bb381f3ed90da180c804cee1b053d9 Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.8 SRPM redis-7.2.14-1.module+el9.8.0+24327+41ceb644.src.rpm SHA-256: ba9301b9a5cd54e314e2400f8b9a083642d8e28ba68f140ee8198c9077f8146d x86_64 redis-7.2.14-1.module+el9.8.0+24327+41ceb644.x86_64.rpm SHA-256: 763332480516666599918fd30c1fb7a1496306eeea23a4c51fa2b3eab90ec114 redis-debuginfo-7.2.14-1.module+el9.8.0+24327+41ceb644.x86_64.rpm SHA-256: 499e6d9e918ec0257c8a77d5cae5e99c8b98b267ef5e72ed0efe5e46900355e1 redis-debugsource-7.2.14-1.module+el9.8.0+24327+41ceb644.x86_64.rpm SHA-256: ba241507a53fc7225d68cfe3805edf3b1d509bcb8b761e8739d0a2dfd53fb42e redis-devel-7.2.14-1.module+el9.8.0+24327+41ceb644.x86_64.rpm SHA-256: 2e5a3f3aa19637f6815209763a00c976a062b9217474df350c5a8077fc4a6129 redis-doc-7.2.14-1.module+el9.8.0+24327+41ceb644.noarch.rpm SHA-256: 18be2789802e93c706b4e211dc9b959ce5bb381f3ed90da180c804cee1b053d9 redis-doc-7.2.14-1.module+el9.8.0+24327+41ceb644.noarch.rpm SHA-256: 18be2789802e93c706b4e211dc9b959ce5bb381f3ed90da180c804cee1b053d9 redis-doc-7.2.14-1.module+el9.8.0+24327+41ceb644.noarch.rpm SHA-256: 18be2789802e93c706b4e211dc9b959ce5bb381f3ed90da180c804cee1b053d9 redis-doc-7.2.14-1.module+el9.8.0+24327+41ceb644.noarch.rpm SHA-256: 18be2789802e93c706b4e211dc9b959ce5bb381f3ed90da180c804cee1b053d9 Red Hat Enterprise Linux for IBM z Systems 9 SRPM redis-7.2.14-1.module+el9.8.0+24327+41ceb644.src.rpm SHA-256: ba9301b9a5cd54e314e2400f8b9a083642d8e28ba68f140ee8198c9077f8146d s390x redis-doc-7.2.14-1.module+el9.8.0+24327+41ceb644.noarch.rpm SHA-256: 18be2789802e93c706b4e211dc9b959ce5bb381f3ed90da180c804cee1b053d9 redis-7.2.14-1.module+el9.8.0+24327+41ceb644.s390x.rpm SHA-256: d34016b4cddef216969d6c115e7846a9c1e785f8a6909285668eb5b3573a8509 redis-debuginfo-7.2.14-1.module+el9.8.0+24327+41ceb644.s390x.rpm SHA-256: ea321193298998934cf913df5adfe2f974dbcb66cbe1c0f243b9eebfe1c06229 redis-debugsource-7.2.14-1.module+el9.8.0+24327+41ceb644.s390x.rpm SHA-256: 122a6f3d06954553c3272125c56cb07efd8215b96b1f43ddbfbe4daad52583ea redis-devel-7.2.14-1.module+el9.8.0+24327+41ceb644.s390x.rpm SHA-256: 9b7e2ba47b8adc3897362e4f928193a66e5cb230fbeec4be1250aaa6119cfaaa redis-doc-7.2.14-1.module+el9.8.0+24327+41ceb644.noarch.rpm SHA-256: 18be2789802e93c706b4e211dc9b959ce5bb381f3ed90da180c804cee1b053d9 redis-doc-7.2.14-1.module+el9.8.0+24327+41ceb644.noarch.rpm SHA-256: 18be2789802e93c706b4e211dc9b959ce5bb381f3ed90da180c804cee1b053d9 redis-doc-7.2.14-1.module+el9.8.0+24327+41ceb644.noarch.rpm SHA-256: 18be2789802e93c706b4e211dc9b959ce5bb381f3ed90da180c804cee1b053d9 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.8 SRPM redis-7.2.14-1.module+el9.8.0+24327+41ceb644.src.rpm SHA-256: ba9301b9a5cd54e314e2400f8b9a083642d8e28ba68f140ee8198c9077f8146d s390x redis-doc-7.2.14-1.module+el9.8.0+24327+41ceb644.noarch.rpm SHA-256: 18be2789802e93c706b4e211dc9b959ce5bb381f3ed90da180c804cee1b053d9 redis-7.2.14-1.module+el9.8.0+24327+41ceb644.s390x.rpm SHA-256: d34016b4cddef216969d6c115e7846a9c1e785f8a6909285668eb5b3573a8509 redis-debuginfo-7.2.14-1.module+el9.8.0+24327+41ceb644.s390x.rpm SHA-256: ea321193298998934cf913df5adfe2f974dbcb66cbe1c0f243b9eebfe1c06229 redis-debugsource-7.2.14-1.module+el9.8.0+24327+41ceb644.s390x.rpm SHA-256: 122a6f3d06954553c3272125c56cb07efd8215b96b1f43ddbfbe4daad52583ea redis-devel-7.2.14-1.module+el9.8.0+24327+41ceb644.s390x.rpm SHA-256: 9b7e2ba47b8adc3897362e4f928193a66e5cb230fbeec4be1250aaa6119cfaaa redis-doc-7.2.14-1.module+el9.8.0+24327+41ceb644.noarch.rpm SHA-256: 18be2789802e93c706b4e211dc9b959ce5bb381f3ed90da180c804cee1b053d9 redis-doc-7.2.14-1.module+el9.8.0+24327+41ceb644.noarch.rpm SHA-256: 18be2789802e93c706b4e211dc9b959ce5bb381f3ed90da180c804cee1b053d9 redis-doc-7.2.14-1.module+el9.8.0+24327+41ceb644.noarch.rpm SHA-256: 18be2789802e93c706b4e211dc9b959ce5bb381f3ed90da180c804cee1b053d9 Red Hat Enterprise Linux for Power, little endian 9 SRPM redis-7.2.14-1.module+el9.8.0+24327+41ceb644.src.rpm SHA-256: ba9301b9a5cd54e314e2400f8b9a083642d8e28ba68f140ee8198c9077f8146d ppc64le redis-doc-7.2.14-1.module+el9.8.0+24327+41ceb644.noarch.rpm SHA-256: 18be2789802e93c706b4e211dc9b959ce5bb381f3ed90da180c804cee1b053d9 redis-doc-7.2.14-1.module+el9.8.0+24327+41ceb644.noarch.rpm SHA-256: 18be2789802e93c706b4e211dc9b959ce5bb381f3ed90da180c804cee1b053d9 redis-7.2.14-1.module+el9.8.0+24327+41ceb644.ppc64le.rpm SHA-256: ede90165d9196b9c63110f40fde938dc2db9dc4e4d8b76a495fdfc0d7072f225 redis-debuginfo-7.2.14-1.module+el9.8.0+24327+41ceb644.ppc64le.rpm SHA-256: 92d65c9a5ffe8b121ab06be9b2ca25151c38d9126c0844d3ea2a9c161495f206 redis-debugsource-7.2.14-1.module+el9.8.0+24327+41ceb644.ppc64le.rpm SHA-256: 06cd448a929421f0a1acb6a71e077aa984ebc0909f77a1798a15511c4a297987 redis-devel-7.2.14-1.module+el9.8.0+24327+41ceb644.ppc64le.rpm SHA-256: 0189382f060b889088bdb18c31d217ba862f3c146360e760823c8f5c7793c369 redis-doc-7.2.14-1.module+el9.8.0+24327+41ceb644.noarch.rpm SHA-256: 18be2789802e93c706b4e211dc9b959ce5bb381f3ed90da180c804cee1b053d9 redis-doc-7.2.14-1.module+el9.8.0+24327+41ceb644.noarch.rpm SHA-256: 18be2789802e93c706b4e211dc9b959ce5bb381f3ed90da180c804cee1b053d9 Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.8 SRPM redis-7.2.14-1.module+el9.8.0+24327+41ceb644.src.rpm SHA-256: ba9301b9a5cd54e314e2400f8b9a083642d8e28ba68f140ee8198c9077f8146d ppc64le redis-doc-7.2.

Related Articles

HIGH RHSA-2026:25216: Important: valkey security update Red Hat Errata HIGH Multiples vulnérabilités dans Redis (06 mai 2026) CERT-FR (ANSSI) HIGH Redis Products Multiple Vulnerabilities HKCERT CRITICAL Patch Tuesday - May 2026 Rapid7 Research
Read Full Article → ← Back to News

Share this article

Twitter Facebook LinkedIn